KB4019214: Windows Server 2012 Standard May 2017 Cumulative Update

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is affected by multiple vulnerabilities.

Description :

The remote Windows host is missing security update KB4019214. It is,
therefore, affected by the following vulnerabilities :

- An elevation of privilege vulnerability exists in the
Windows COM Aggregate Marshaler due to an unspecified
flaw. A local attacker can exploit this, via a specially
crafted application, to execute arbitrary code with
elevated privileges. (CVE-2017-0213)

- An elevation of privilege vulnerability exists in
Windows due to improper validation of user-supplied
input when loading type libraries. A local attacker can
exploit this, via a specially crafted application, to
gain elevated privileges. (CVE-2017-0214)

- An information disclosure vulnerability exists in the
Windows kernel due to improper handling of objects in
memory. A local attacker can exploit this, via a
specially crafted application, to disclose sensitive
information. (CVE-2017-0220)

- A remote code execution vulnerability exists in
Microsoft Internet Explorer due to improper handling of
objects in memory. An unauthenticated, remote attacker
can exploit this, by convincing a user to visit a
specially crafted website, to execute arbitrary code in
the context of the current user. (CVE-2017-0222)

- A remote code execution vulnerability exists in
Microsoft Internet Explorer due to improper handling of
objects in memory. An unauthenticated, remote attacker
can exploit this, by convincing a user to visit a
specially crafted website, to execute arbitrary code in
the context of the current user. (CVE-2017-0226)

- A remote code execution vulnerability exists in
Microsoft browsers in the JavaScript scripting engines
due to improper handling of objects in memory. An
unauthenticated, remote attacker can exploit this, by
convincing a user to visit a specially crafted website
or open a specially crafted Office document, to
execute arbitrary code in the context of the current
user. (CVE-2017-0238)

- An information disclosure vulnerability exists in the
Microsoft Server Message Block 1.0 (SMBv1) server when
handling certain requests. An unauthenticated, remote
attacker can exploit this, via a specially crafted
packet, to disclose sensitive information.
(CVE-2017-0267)

- An information disclosure vulnerability exists in the
Microsoft Server Message Block 1.0 (SMBv1) server when
handling certain requests. An unauthenticated, remote
attacker can exploit this, via a specially crafted
packet, to disclose sensitive information.
(CVE-2017-0268)

- A denial of service vulnerability exists in Microsoft
Server Message Block (SMB) when handling a specially
crafted request to the server. An unauthenticated,
remote attacker can exploit this, via a crafted SMB
request, to cause the system to stop responding.
(CVE-2017-0269)

- An information disclosure vulnerability exists in the
Microsoft Server Message Block 1.0 (SMBv1) server when
handling certain requests. An unauthenticated, remote
attacker can exploit this, via a specially crafted
packet, to disclose sensitive information.
(CVE-2017-0270)

- An information disclosure vulnerability exists in the
Microsoft Server Message Block 1.0 (SMBv1) server when
handling certain requests. An unauthenticated, remote
attacker can exploit this, via a specially crafted
packet, to disclose sensitive information.
(CVE-2017-0271)

- A remote code execution vulnerability exists in the
Microsoft Server Message Block 1.0 (SMBv1) server when
handling certain requests. An unauthenticated, remote
attacker can exploit this, via a specially crafted
packet, to execute arbitrary code on a target server.
(CVE-2017-0272)

- A denial of service vulnerability exists in Microsoft
Server Message Block (SMB) when handling a specially
crafted request to the server. An unauthenticated,
remote attacker can exploit this, via a crafted SMB
request, to cause the system to stop responding.
(CVE-2017-0273)

- An information disclosure vulnerability exists in the
Microsoft Server Message Block 1.0 (SMBv1) server when
handling certain requests. An unauthenticated, remote
attacker can exploit this, via a specially crafted
packet, to disclose sensitive information.
(CVE-2017-0274)

- An information disclosure vulnerability exists in the
Microsoft Server Message Block 1.0 (SMBv1) server when
handling certain requests. An unauthenticated, remote
attacker can exploit this, via a specially crafted
packet, to disclose sensitive information.
(CVE-2017-0275)

- An information disclosure vulnerability exists in the
Microsoft Server Message Block 1.0 (SMBv1) server when
handling certain requests. An unauthenticated, remote
attacker can exploit this, via a specially crafted
packet, to disclose sensitive information.
(CVE-2017-0276)

- A remote code execution vulnerability exists in the
Microsoft Server Message Block 1.0 (SMBv1) server when
handling certain requests. An unauthenticated, remote
attacker can exploit this, via a specially crafted
packet, to execute arbitrary code on a target server.
(CVE-2017-0277)

- A remote code execution vulnerability exists in the
Microsoft Server Message Block 1.0 (SMBv1) server when
handling certain requests. An unauthenticated, remote
attacker can exploit this, via a specially crafted
packet, to execute arbitrary code on a target server.
(CVE-2017-0278)

- A remote code execution vulnerability exists in the
Microsoft Server Message Block 1.0 (SMBv1) server when
handling certain requests. An unauthenticated, remote
attacker can exploit this, via a specially crafted
packet, to execute arbitrary code on a target server.
(CVE-2017-0279)

- A denial of service vulnerability exists in Microsoft
Server Message Block (SMB) when handling a specially
crafted request to the server. An unauthenticated,
remote attacker can exploit this, via a crafted SMB
request, to cause the system to stop responding.
(CVE-2017-0280)

See also :

http://www.nessus.org/u?8ae1f0e3

Solution :

Apply security update KB4019214.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true